Jump to content

Recommended Posts

Posted

BackStab technique helps criminals get their hands on your private data, via unprotected phone backups

 

A recent report from Palo Alto Networks describes an attack technique called BackStab where malware steals local mobile data backups and uploads them to a server under the attacker's control.

 

This data is not taken from mobile devices per-se, but from computers where users create backups for their phones, or where software solutions create automatic backups of their phones whenever they connect it to their computer.

 

Because most mobile backup tools don't employ encryption, this data can be cracked open and allow attackers access to sensitive information within minutes.

 

Things are worse than you'd think because the technique does not require the malware to have higher-level privileges or root access to the device or the infected computer.

 

At this moment, Palo Alto Networks is reporting on six trojan families that used this technique, the company previously detecting 704 samples where BackStab was employed.

 

BackStab has been used in real-life attacks for the last 5 years

 

BackStab is not a newly discovered technique, Palo Alto reporting on five-year-old samples that have been found in computers spread across 30 countries.

 

According to Palo Alto researchers, the trojans that employ BackStab can steal backup data from both Mac and Windows infected computers, and can only discover and exfiltrate iOS and BlackBerry backup files. Apparently, there's no support for Android backups.

 

Security researchers urge users to use a backup solution that supports encryption, always update to the latest version of their mobile OS, use an antivirus product, and do not click "Trust" on the popup that appears every time they connect their phone to a new computer.

 

You can learn more details about the BackStab technique in Palo Alto Networks' BackStab: Mobile Backup Data Under Attack from Malware whitepaper.

 

Below is a table from the Palo Alto report showing details about the six trojans that employed the BackStab attack in previous years.

 

5ef15b2fec1e2134e5d7673ac74de337.jpg

 

 

 

Source:

http://news.softpedia.com/news/malware-steals-ios-and-blackberry-backups-via-infected-pcs-497244.shtml

76c90dd0e79a714317a8daeecc1584d2.png

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...